According to the findings by the penetration testing team, which type of attack was possible on the web application?
The penetration testing team of MirTech Inc. identified the presence of various vulnerabilities in the web application coding. They prepared a detailed report addressing to the web developers regarding the findings. In the report, the penetration testing team advised the web developers to avoid the use of dangerous standard library...
Identify the attack being performed on the Android mobile user?
A user unknowingly installed a fake malicious banking app in his Android mobile. This app includes a configuration file that consists of phone numbers of the bank. When the user makes a call to the bank, he is automatically redirected to the number being used by the attacker. The attacker...
Which of the following roles of Microsoft Windows Active Directory refers to the ability of an active directory to transfer roles to any domain controller (DC) in the enterprise?
Which of the following roles of Microsoft Windows Active Directory refers to the ability of an active directory to transfer roles to any domain controller (DC) in the enterprise?A . Master Browser (MB)B . Global Catalog (GC)C . Flexible Single Master Operation (FSMO)D . Rights Management Services (RMS)View AnswerAnswer: C
To which type of information security act does the above conducts and activities best suit?
Irin is a newly joined penetration tester for XYZ Ltd. While joining, as a part of her training, she was instructed about various legal policies and information securities acts by her trainer. During the training, she was informed about a specific information security act related to the conducts and activities...
Which of the following penetration testing activities Jamie cannot perform on the Microsoft Azure cloud service?
An organization deployed Microsoft Azure cloud services for running their business activities. They appointed Jamie, a security analyst for performing cloud penetration testing. Microsoft prohibits certain tests to be carried out on their platform. Which of the following penetration testing activities Jamie cannot perform on the Microsoft Azure cloud service?A...
Which of the following will help Sandra decrypt the data packets without knowing the key?
Sandra, a wireless network auditor, discovered her client is using WEP. To prove the point that the WEP encryption is very weak, she wants to decrypt some WEP packets. She successfully captured the WEP data packets, but could not reach the content as the data is encrypted. Which of the...
Which of the following will you include in the recommendation section to enhance the security of the database server?
You have just completed a database security audit and writing the draft pen testing report. Which of the following will you include in the recommendation section to enhance the security of the database server?A . Allow direct catalog updatesB . Install SQL Server on a domain controllerC . Install a...
In order to stop or disable these unnecessary services or packages from the Ubuntu distributions, which of the following commands should Cedric employ?
Cedric, who is a software support executive working for Panacx Tech. Inc., was asked to install Ubuntu operating system in the computers present in the organization. After installing the OS, he came to know that there are many unnecessary services and packages in the OS that were automatically installed without...
What kind of penetration test did Fred ask the third-party penetration testing team to perform?
Fred, who owns a company called Skyfeit Ltd., wants to test the enterprise network for presence of any vulnerabilities and loopholes. He employed a third-party penetration testing team and asked them to perform the penetration testing over his organizational infrastructure. Fred briefed the team about his network infrastructure and provided...
Before creating the final penetration testing report, which of the following reports should Jason prepare in order to verify if any crucial information is missed from the report?
Jason is a penetration tester, and after completing the initial penetration test, he wanted to create a final penetration test report that consists of all activities performed throughout the penetration testing process. Before creating the final penetration testing report, which of the following reports should Jason prepare in order to...